New York (AFP) – Sensitive information belonging to a company was stolen Millions of current and former AT&T customers It was recently discovered online, the telecom giant said this weekend.
In an announcement Saturday addressing the data breach, AT&T said the data set on the “dark web” contained information including some Social Security numbers and passcodes for about 7.6 million current account holders and 65.4 million previous account holders.
The Dallas-based company indicated whether the data “sourced from AT&T or one of its suppliers” remains unknown, adding that it has launched an investigation into the incident. AT&T has also begun notifying customers whose personal information has been compromised.
Here's what you need to know.
What information was compromised in this breach?
Although it varies depending on each customer and account, AT&T says the information involved in this breach included Social Security numbers and passcodes — which, unlike passwords, are digital PINs typically four digits long.
Full names, email addresses, mailing address, phone numbers, dates of birth, and AT&T account numbers may also have been compromised. The company said the affected data dates back to 2019 or earlier, and does not appear to include financial information or call history.
How do I know if I am affected?
Consumers affected by this breach should receive an email or letter directly from AT&T about the incident. Email notifications began going out on Saturday, an AT&T spokesperson confirmed to The Associated Press.
What action has AT&T taken?
In addition to these notices, AT&T said it has already reset passcodes for existing users. The company added that it will pay for credit monitoring services when required.
AT&T also said it has “launched an aggressive investigation” with internal and external cybersecurity experts to further investigate the situation.
Has AT&T seen data breaches like this before?
AT&T has experienced numerous data breaches ranging in size and impact Over the years.
While the company says data for this latest breach appeared on a hacking forum nearly two weeks ago, it closely resembles a similar breach that appeared in 2021 but was never acknowledged by AT&T. Cybersecurity researcher Troy Hunt He told the AP on Saturday.
“If they evaluate this and make the wrong decision about it, and years go by without being able to notify affected customers, the company will likely soon face class action lawsuits,” said Hunt, the founder. An Australian-based website warns people when their personal information is revealed.
An AT&T spokesperson declined to comment further when asked about these similarities on Sunday.
How can I protect myself in the future?
Avoiding data breaches altogether can be difficult in our digital world, but consumers can take some steps to help protect themselves in the future.
The basics include creating and using passwords that are difficult to guess Multi-factor authentication When possible. If you receive a notification about a breach, it's a good idea to change your password and monitor account activity for any suspicious transactions. You'll also need to visit the company's official website for reliable contact information – scammers sometimes try to capitalize on news such as data breaches to gain your trust through phishing-like emails or phone calls.
In addition to the Federal Trade Commission Notes Credit bureaus nationwide — such as Equifax, Experian and TransUnion — offer free credit freezes and fraud alerts that consumers can set up to help protect themselves from identity theft and other malicious activity.
___
AP reporter Matt O'Brien contributed to this report from Providence, Rhode Island.
“Beer fan. Travel specialist. Amateur alcohol scholar. Bacon trailblazer. Music fanatic.”